For years, patch management has been treated as a solved problem—until reality strikes. Outdated applications, portable executables, patch conflicts, and shadow software leave organizations unknowingly exposed. The tools may exist, but the process often breaks down.

In this episode, Rob Allen, chief product officer at ThreatLocker, discusses why their new patch management solution goes beyond legacy approaches. With built-in patch packaging, pre-deployment testing, and granular control, the platform helps teams navigate complex environments while keeping rollback, risk tolerance, and deny-by-default strategies in play. Joining him are Mike Woods, vp of cybersecurity at GE Vernova, and Steve Zalewski, co-host of Defense in Depth.

Huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Automated attacks are growing in speed and sophistication, far outpacing the human defenses most organizations rely on. Whether it’s credential stuffing, scraping, or denial-of-wallet attacks, bots can drain your resources before they even steal a cent.

In this episode, Sam Crowther, founder of Kasada, discusses how their bot detection and mitigation solution flips the economics of attacks. By disrupting automated behavior at wire speed—without impacting user experience—Kasada ensures you’re doing business with real people, not fake clicks. Joining him are panelists Jimmy Sanders, president of ISSA International, and Jason Elrod, CISO at MultiCare Health System.

Huge thanks to our sponsor, Kasada

Managing privileged access across a sprawling IT environment remains one of cybersecurity’s toughest balancing acts. Admin privileges are often granted too broadly and retained for too long, opening dangerous pathways for lateral movement and ransomware.

In this episode, Rob Allen, chief product officer at ThreatLocker, introduces their Elevation Control tool — a solution designed to help security teams remove unnecessary privileges, apply just-in-time elevation for specific apps, and restrict lateral movement, even within elevated sessions. Joining him are Mike Woods, vp of cybersecurity at GE Vernova, and Steve Zalewski, co-host of Defense in Depth.

Huge thanks to our episode sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Security operations centers (SOCs) are drowning in alerts, forcing analysts to waste time chasing down false positives while real threats slip through. The problem isn’t just efficiency—it’s burnout, missed signals, and limits on what security teams can reasonably triage.

In this episode, Edward Wu, CEO and founder of Dropzone AI, explains how their AI-powered SOC analyst automates triage and investigation for security alerts. The result is more efficient operations, faster detection of real threats, and a significant reduction in alert fatigue. He’s joined by our panelists, TC Niedzialkowski, head of IT and security at Opendoor, and Steve Zalewski, co-host of Defense in Depth.

Huge thanks to our sponsor, Dropzone AI

False positives slow you down. Missed threats put you at risk. Dropzone AI reasons through every alert, pulling context from multiple sources to deliver trusted conclusions in minutes. No noise. No blind spots. Just clear, evidence-backed answers. See it in action—Request a Demo.

Securing endpoints is a persistent challenge, especially in a hybrid working environment. The human factor is an unavoidable element with endpoint security, which means you have to be ready for a lot of unexpected behavior. Centrally managed policies for endpoints can only enhance security if they don’t compromise the flexibility the business needs.

In this episode, Rob Allen, chief product officer at ThreatLocker, discusses how their Network Control solution offers a endpoint-based firewall to protect these devices. Rob is joined by our panelists, Janet Heins, CISO at ChenMed, and Shaun Marion, vp, CSO at Xcel Energy.

Got feedback? Join the conversation on LinkedIn.

Huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Customer security reviews often miss their mark, leaving organizations scrambling to compensate with extensive questionnaires that divert attention away from genuine risk management. The inconsistency of these processes and the lack of clear authority or visibility contribute to prolonged timelines and increased frustration. So, how can companies maintain trust without drowning in the complex processes that come with these reviews?

In this episode, Chris Gomes, head of product at Conveyor, discusses how they automate the response to security questionnaires and focus on relieving the burden on customer trust offices overwhelmed by extensive review processes. Chris is joined by our panelists, Steve Gentry, advisor at Cognate Cyber, and Eduardo Ortiz-Romeu, vp, global head of cybersecurity at Techtronic Industries.

Huge thanks to our sponsor, Conveyor

Conveyor’s AI Agent, Sue, automates the entire security review process by handling every customer request for security documents and answering security questionnaires. She also coordinates every step in-between like tagging SMEs, updating tickets, and collaborating with other teams so you do less busywork and your deals close faster. Learn more at Conveyor.com.

We hear all the time that identity is the new perimeter. If we place that much importance on identity, then compromised credentials can give away the keys to the kingdom. In an environment where hybrid infrastructures introduce visibility challenges, the need for advanced monitoring techniques for identities becomes clear.

In this episode, Paul Nguyen, co-founder and co-CEO at Permiso Security, discusses how Permiso enables organizations to fortify their defenses against insider threats and malicious actors. Paul is joined by our panelists, Trina Ford, CISO of iHeartMedia, and Eduardo Ortiz-Romeu, vp, global head of cybersecurity at Techtronic Industries.

Huge thanks to our sponsor, Permiso Security

Protect all identities with comprehensive security against credential compromise, account takeover, and insider risks. Our solution provides unified visibility across authentication boundaries, eliminating fragmented cloud security. Learn more at Permiso.io

Managing application control amid increasing ransomware threats while not impeding business flow remains a challenge. Organizations need a layered defense to bolster their security posture without overinvesting in overlapping tooling.

In this episode, Rob Allen, chief product officer at ThreatLocker, discusses how their deny-by-default approach to application control helps simplify this persistent challenge. Rob is joined by our panelists, Janet Heins, CISO at ChenMed, and Shaun Marion, vp, CSO at Xcel Energy.

Huge thanks to our sponsor, ThreatLocker

ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

The tendency to focus on merely checking boxes to achieve compliance can lead to superficial solutions that may not effectively reduce operational risk. A strategic pivot towards ensuring compliance through holistic security measures is key; long-term, it demands less effort and provides more substantial protection.

In this episode, Craig Unger, founder and CEO of HyperProof, discusses the company‘s efforts to help companies achieve compliance and manage third-party risks. Craig is joined by our panelists, Trina Ford, CISO of iHeartMedia, and former CISO TC Niedzialkowski

Huge thanks to our sponsor, Hyperproof

Take control of your compliance and risk management with Hyperproof. Simplify audits, automate workflows, and gain complete visibility into your security posture. Trusted by industry leaders, Hyperproof empowers your team to mitigate risks and boost productivity. See it in action—get a demo today!

 

SaaS visibility remains a mixed bag. Within company sanctioned tools we have visibility. But when it comes to visibility across tools, we struggle. And don't forget all of the SaaS apps your employees use that you don't know about. How do you start to address that SaaS visibility gap?

In this episode, Russell Spitler, co-founder and CEO of Nudge Security, discusses how using email as the foundation for SaaS visibility makes the whole situation much easier to manage. Russell is joined by our panelists, Steve Zalewski, co-host of Defense in Depth, and Nick Espinosa, host of the nationally syndicated Deep Dive Radio Show.

Huge thanks to our sponsor, Nudge Security

Nudge Security solves the identity security, IT governance, and third-party risk challenges resulting from SaaS sprawl and GenAI use. With complete SaaS discovery on Day One and automated IT governance workflows, customers can eliminate blind spots, harden security posture, and mitigate supply chain risks without slowing down the business. Learn more at NudgeSecurity.com.